Automatic detection of MCP vulnerabilities with LLM-based judge.
Cyber Security
Semester programme:Master of Applied IT
Project group members:Nikolay Valchanov
Project description
The project is about evaluating novel approach in detection of MCP vulnerabilities in real time using LLM judge that can be integrated into existing agentic system.
Context
Model Context Protocol (MCP) enables AI agents to use external functionality via tools. It was widely adopted in the recent year, but security mechanisms are not keeping up with the pace which increases the attack surface and can lead to large financial and reputational losses for companies that were attacked. In this project, the most common MCP vulnerability was addressed - tool poisoning attack.
Results
Using LLM judge to evaluate the tool invocation intent by the rest of the agents in the system has shown significant reduction of the attack success rate for over 245 real-world test cases performed over 4 foundation models .